WordPress Update v4.9.6, Privacy and GDPR
On Thursday, WordPress version 4.9.6 was released. For those of you who follow such updates, this one included 95 updates, ranging from data handling to PHP polyfills. However, most small-business webmasters (medium and large too) will be focusing on the new ‘Privacy’ link added under the general admin settings.
What does GDPR have to do with MY website?
GDPR is a European Union initiative that will take effect on May 25th, 2018. Yes, it’s a European regulation to be sure, but the requirements apply to all sites and online businesses that collect, store or process personal data about EU residents. Thanks to the internet’s global reach, almost any website can (and probably does) touch an EU resident at some point, if it hasn’t already.
Have you noticed the flurry of popups across larger sites from Facebook to Amazon describing how they collect and use personal information? It’s not just the large sites…smaller ones have just as much international reach potential, regularly setting cookies for tracking, etc.
No matter the size of a business site using WordPress these days, odds are pretty good that there is at least one plugin installed which collects some sort of personal data. If that’s your website, you’ll need a privacy page immediately.
Get your website updated to 4.9.6 and set your privacy page today!
How can my business site comply with GDPR?
First off, many website owners in the United States are wondering…can a privacy law enacted by the EU really affect my website? Yes, it can. Just look at the 2016 EU-US Privacy Shield, a framework for personal data exchanges between the EU and US. Passing personal data between these two is serious and the activity is well recognized by our country.
So unless you are 100% sure that absolutely no EU resident will EVER come across your website or mobile application, you should comply by addressing the following:
- Keep it updated. Let users on your site know when there are changes.
- Clearly state who you are, the legal name of your business and if it’s controlled by another company.
- Clearly state the physical location of your business.
- What kind of data you collect
- Why you collect it
- How it was obtained exactly
- How long you will keep it
- How secure it is on your site
- Whether you share it (and why)
Remember…the GDPR defines the rights of users on websites. Those rights include:
- The ability to access, view and edit their own information in a timely fashion
- The right to be erased from your system should they request
- The right to object to direct marketing from your site/brand